Update secp256k1 to 0.30.0

Migrated `from_slice` usage to `from_byte_array` with proper error
forwarding when needed.
Converted to Message::as_ref<[u8]> for signing due to API change of
receiving arbitrary byte arrays in lieu of Message hashes only.
Updated lockfiles.

`from_slice` has been deprecated by rust-bitcoin#3102 due to better support for arrays in Rust.
BIP340 supports arbitrary byte arrays as discussed on rust-bitcoin/rust-secp256k1#706

Closes rust-bitcoin#3482

Author: mmtftr

Cargo-minimal.lock

@@ -61,7 +61,7 @@ dependencies = [
  "bech32",
  "bincode",
  "bitcoin-internals",
- "bitcoin-io",
+ "bitcoin-io 0.2.0",
  "bitcoin-primitives",
  "bitcoin-units",
  "bitcoin_hashes 0.16.0",
@@ -100,6 +100,12 @@ dependencies = [
  "serde_json",
 ]
 
+[[package]]
+name = "bitcoin-io"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0b47c4ab7a93edb0c7198c5535ed9b52b63095f4e9b45279c6736cec4b856baf"
+
 [[package]]
 name = "bitcoin-io"
 version = "0.2.0"
@@ -114,7 +120,7 @@ dependencies = [
  "arbitrary",
  "bincode",
  "bitcoin-internals",
- "bitcoin-io",
+ "bitcoin-io 0.2.0",
  "bitcoin-units",
  "bitcoin_hashes 0.16.0",
  "hex-conservative 0.3.0",
@@ -142,14 +148,15 @@ version = "0.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bb18c03d0db0247e147a21a6faafd5a7eb851c743db062de72018b6b7e8e4d16"
 dependencies = [
+ "bitcoin-io 0.1.3",
  "hex-conservative 0.2.0",
 ]
 
 [[package]]
 name = "bitcoin_hashes"
 version = "0.16.0"
 dependencies = [
- "bitcoin-io",
+ "bitcoin-io 0.2.0",
  "hex-conservative 0.3.0",
  "serde",
  "serde_json",
@@ -389,9 +396,9 @@ checksum = "c92464b447c0ee8c4fb3824ecc8383b81717b9f1e74ba2e72540aef7b9f82997"
 
 [[package]]
 name = "secp256k1"
-version = "0.29.0"
+version = "0.30.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0e0cc0f1cf93f4969faf3ea1c7d8a9faed25918d96affa959720823dfe86d4f3"
+checksum = "b50c5943d326858130af85e049f2661ba3c78b26589b8ab98e65e80ae44a1252"
 dependencies = [
  "bitcoin_hashes 0.14.0",
  "rand",

Cargo-recent.lock

@@ -60,7 +60,7 @@ dependencies = [
  "bech32",
  "bincode",
  "bitcoin-internals",
- "bitcoin-io",
+ "bitcoin-io 0.2.0",
  "bitcoin-primitives",
  "bitcoin-units",
  "bitcoin_hashes 0.16.0",
@@ -99,6 +99,12 @@ dependencies = [
  "serde_json",
 ]
 
+[[package]]
+name = "bitcoin-io"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0b47c4ab7a93edb0c7198c5535ed9b52b63095f4e9b45279c6736cec4b856baf"
+
 [[package]]
 name = "bitcoin-io"
 version = "0.2.0"
@@ -113,7 +119,7 @@ dependencies = [
  "arbitrary",
  "bincode",
  "bitcoin-internals",
- "bitcoin-io",
+ "bitcoin-io 0.2.0",
  "bitcoin-units",
  "bitcoin_hashes 0.16.0",
  "hex-conservative 0.3.0",
@@ -141,14 +147,15 @@ version = "0.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bb18c03d0db0247e147a21a6faafd5a7eb851c743db062de72018b6b7e8e4d16"
 dependencies = [
+ "bitcoin-io 0.1.3",
  "hex-conservative 0.2.1",
 ]
 
 [[package]]
 name = "bitcoin_hashes"
 version = "0.16.0"
 dependencies = [
- "bitcoin-io",
+ "bitcoin-io 0.2.0",
  "hex-conservative 0.3.0",
  "serde",
  "serde_json",
@@ -390,9 +397,9 @@ checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f"
 
 [[package]]
 name = "secp256k1"
-version = "0.29.1"
+version = "0.30.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9465315bc9d4566e1724f0fffcbcc446268cb522e60f9a27bcded6b19c108113"
+checksum = "b50c5943d326858130af85e049f2661ba3c78b26589b8ab98e65e80ae44a1252"
 dependencies = [
  "bitcoin_hashes 0.14.0",
  "rand",

bitcoin/Cargo.toml

@@ -17,7 +17,7 @@ exclude = ["tests", "contrib"]
 [features]
 default = [ "std", "secp-recovery" ]
 std = ["base58/std", "bech32/std", "hashes/std", "hex/std", "internals/std", "io/std", "primitives/std", "secp256k1/std", "units/std", "bitcoinconsensus?/std"]
-rand-std = ["secp256k1/rand-std", "std"]
+rand-std = ["secp256k1/std", "secp256k1/rand", "std"]
 rand = ["secp256k1/rand"]
 serde = ["dep:serde", "hashes/serde", "internals/serde", "primitives/serde", "secp256k1/serde", "units/serde"]
 secp-lowmemory = ["secp256k1/lowmemory"]
@@ -32,7 +32,7 @@ hex = { package = "hex-conservative", version = "0.3.0", default-features = fals
 internals = { package = "bitcoin-internals", version = "0.4.0", features = ["alloc"] }
 io = { package = "bitcoin-io", version = "0.2.0", default-features = false, features = ["alloc"] }
 primitives = { package = "bitcoin-primitives", version = "0.101.0", default-features = false, features = ["alloc"] }
-secp256k1 = { version = "0.29.0", default-features = false, features = ["hashes", "alloc"] }
+secp256k1 = { version = "0.30.0", default-features = false, features = ["hashes", "alloc"] }
 units = { package = "bitcoin-units", version = "0.2.0", default-features = false, features = ["alloc"] }
 
 arbitrary = { version = "1.4", optional = true }

bitcoin/examples/sighash.rs

@@ -125,12 +125,7 @@ fn compute_sighash_p2wsh(raw_tx: &[u8], inp_idx: usize, amount: Amount) {
         assert!((70..=72).contains(&sig_len), "signature length {} out of bounds", sig_len);
         //here we assume that all sighash_flags are the same. Can they be different?
         let sighash = cache
-            .p2wsh_signature_hash(
-                inp_idx,
-                witness_script,
-                amount,
-                sig.sighash_type,
-            )
+            .p2wsh_signature_hash(inp_idx, witness_script, amount, sig.sighash_type)
             .expect("failed to compute sighash");
         println!("SegWit p2wsh sighash: {:x} ({})", sighash, sig.sighash_type);
     }

bitcoin/examples/sign-tx-taproot.rs

@@ -71,7 +71,7 @@ fn main() {
     // Sign the sighash using the secp256k1 library (exported by rust-bitcoin).
     let tweaked: TweakedKeypair = keypair.tap_tweak(&secp, None);
     let msg = Message::from(sighash);
-    let signature = secp.sign_schnorr(&msg, &tweaked.to_inner());
+    let signature = secp.sign_schnorr(msg.as_ref(), &tweaked.to_inner());
 
     // Update the witness stack.
     let signature = bitcoin::taproot::Signature { signature, sighash_type };

bitcoin/examples/taproot-psbt.rs

@@ -747,7 +747,7 @@ fn sign_psbt_taproot(
     };
 
     let msg = secp256k1::Message::from(hash);
-    let signature = secp.sign_schnorr(&msg, &keypair);
+    let signature = secp.sign_schnorr(msg.as_ref(), &keypair);
 
     let final_signature = taproot::Signature { signature, sighash_type };
 

bitcoin/src/bip32.rs

@@ -593,7 +593,11 @@ impl Xpriv {
             depth: 0,
             parent_fingerprint: Default::default(),
             child_number: ChildNumber::ZERO_NORMAL,
-            private_key: secp256k1::SecretKey::from_slice(&hmac_result.as_ref()[..32])?,
+            private_key: secp256k1::SecretKey::from_byte_array(
+                &hmac_result.as_ref()[..32]
+                    .try_into()
+                    .expect("Internal HMAC hash is broken: shorter than 32 bytes"),
+            )?,
             chain_code: ChainCode::from_hmac(hmac_result),
         })
     }
@@ -665,8 +669,12 @@ impl Xpriv {
 
         hmac_engine.input(&u32::from(i).to_be_bytes());
         let hmac_result: Hmac<sha512::Hash> = Hmac::from_engine(hmac_engine);
-        let sk = secp256k1::SecretKey::from_slice(&hmac_result.as_ref()[..32])
-            .expect("statistically impossible to hit");
+        let sk = secp256k1::SecretKey::from_byte_array(
+            &hmac_result.as_ref()[..32]
+                .try_into()
+                .expect("HMAC internal hash is broken: shorter than 32 bytes"),
+        )
+        .expect("statistically impossible to hit");
         let tweaked =
             sk.add_tweak(&self.private_key.into()).expect("statistically impossible to hit");
 
@@ -705,7 +713,9 @@ impl Xpriv {
             chain_code: data[13..45]
                 .try_into()
                 .expect("45 - 13 == 32, which is the ChainCode length"),
-            private_key: secp256k1::SecretKey::from_slice(&data[46..78])?,
+            private_key: secp256k1::SecretKey::from_byte_array(
+                data[46..78].try_into().expect("78 - 46 == 32, which is the SecretKey length"),
+            )?,
         })
     }
 
@@ -813,7 +823,11 @@ impl Xpub {
 
                 let hmac_result: Hmac<sha512::Hash> = Hmac::from_engine(hmac_engine);
 
-                let private_key = secp256k1::SecretKey::from_slice(&hmac_result.as_ref()[..32])?;
+                let private_key = secp256k1::SecretKey::from_byte_array(
+                    &hmac_result.as_ref()[..32]
+                        .try_into()
+                        .expect("HMAC internal hash is broken: shorter than 32 bytes"),
+                )?;
                 let chain_code = ChainCode::from_hmac(hmac_result);
                 Ok((private_key, chain_code))
             }

bitcoin/src/crypto/key.rs

@@ -464,7 +464,12 @@ impl PrivateKey {
         data: &[u8],
         network: impl Into<NetworkKind>,
     ) -> Result<PrivateKey, secp256k1::Error> {
-        Ok(PrivateKey::new(secp256k1::SecretKey::from_slice(data)?, network))
+        Ok(PrivateKey::new(
+            secp256k1::SecretKey::from_byte_array(
+                data.try_into().map_err(|_| secp256k1::Error::InvalidSecretKey)?,
+            )?,
+            network,
+        ))
     }
 
     /// Formats the private key to WIF format.
@@ -514,7 +519,9 @@ impl PrivateKey {
         Ok(PrivateKey {
             compressed,
             network,
-            inner: secp256k1::SecretKey::from_slice(&data[1..33])?,
+            inner: secp256k1::SecretKey::from_byte_array(
+                data[1..33].try_into().expect("slice len checked == 32"),
+            )?,
         })
     }
 }

bitcoin/src/crypto/sighash.rs

@@ -2012,7 +2012,8 @@ mod tests {
                 .unwrap();
 
             let msg = secp256k1::Message::from(sighash);
-            let key_spend_sig = secp.sign_schnorr_with_aux_rand(&msg, &tweaked_keypair, &[0u8; 32]);
+            let key_spend_sig =
+                secp.sign_schnorr_with_aux_rand(msg.as_ref(), &tweaked_keypair, &[0u8; 32]);
 
             assert_eq!(expected.internal_pubkey, internal_key);
             assert_eq!(expected.tweak, tweak);

bitcoin/src/crypto/taproot.rs

@@ -32,13 +32,17 @@ impl Signature {
         match sl.len() {
             64 => {
                 // default type
-                let signature = secp256k1::schnorr::Signature::from_slice(sl)?;
+                let signature = secp256k1::schnorr::Signature::from_byte_array(
+                    sl.try_into().expect("slice len checked == 64"),
+                );
                 Ok(Signature { signature, sighash_type: TapSighashType::Default })
             }
             65 => {
                 let (sighash_type, signature) = sl.split_last().expect("slice len checked == 65");
                 let sighash_type = TapSighashType::from_consensus_u8(*sighash_type)?;
-                let signature = secp256k1::schnorr::Signature::from_slice(signature)?;
+                let signature = secp256k1::schnorr::Signature::from_byte_array(
+                    signature.try_into().expect("slice len checked == 64"),
+                );
                 Ok(Signature { signature, sighash_type })
             }
             len => Err(SigFromSliceError::InvalidSignatureSize(len)),
@@ -70,7 +74,7 @@ impl Signature {
     /// You can get a slice from it using deref coercions or turn it into an iterator.
     pub fn serialize(self) -> SerializedSignature {
         let mut buf = [0; serialized_signature::MAX_LEN];
-        let ser_sig = self.signature.serialize();
+        let ser_sig = self.signature.to_byte_array();
         buf[..64].copy_from_slice(&ser_sig);
         let len = if self.sighash_type == TapSighashType::Default {
             // default sighash type, don't add extra sighash byte
@@ -140,7 +144,7 @@ impl<'a> Arbitrary<'a> for Signature {
         let arbitrary_bytes: [u8; secp256k1::constants::SCHNORR_SIGNATURE_SIZE] = u.arbitrary()?;
 
         Ok(Signature {
-            signature: secp256k1::schnorr::Signature::from_slice(&arbitrary_bytes).unwrap(),
+            signature: secp256k1::schnorr::Signature::from_byte_array(arbitrary_bytes),
             sighash_type: TapSighashType::arbitrary(u)?,
         })
     }

bitcoin/src/psbt/mod.rs

@@ -445,9 +445,9 @@ impl Psbt {
                         .to_inner();
 
                     #[cfg(feature = "rand-std")]
-                    let signature = secp.sign_schnorr(&msg, &key_pair);
+                    let signature = secp.sign_schnorr(msg.as_ref(), &key_pair);
                     #[cfg(not(feature = "rand-std"))]
-                    let signature = secp.sign_schnorr_no_aux_rand(&msg, &key_pair);
+                    let signature = secp.sign_schnorr_no_aux_rand(msg.as_ref(), &key_pair);
 
                     let signature = taproot::Signature { signature, sighash_type };
                     input.tap_key_sig = Some(signature);
@@ -472,9 +472,9 @@ impl Psbt {
                             self.sighash_taproot(input_index, cache, Some(lh))?;
 
                         #[cfg(feature = "rand-std")]
-                        let signature = secp.sign_schnorr(&msg, &key_pair);
+                        let signature = secp.sign_schnorr(msg.as_ref(), &key_pair);
                         #[cfg(not(feature = "rand-std"))]
-                        let signature = secp.sign_schnorr_no_aux_rand(&msg, &key_pair);
+                        let signature = secp.sign_schnorr_no_aux_rand(msg.as_ref(), &key_pair);
 
                         let signature = taproot::Signature { signature, sighash_type };
                         input.tap_script_sigs.insert((xonly, lh), signature);

bitcoin/src/psbt/serialize.rs

@@ -260,7 +260,8 @@ impl Serialize for XOnlyPublicKey {
 
 impl Deserialize for XOnlyPublicKey {
     fn deserialize(bytes: &[u8]) -> Result<Self, Error> {
-        XOnlyPublicKey::from_slice(bytes).map_err(|_| Error::InvalidXOnlyPublicKey)
+        XOnlyPublicKey::from_byte_array(bytes.try_into().map_err(|_| Error::InvalidXOnlyPublicKey)?)
+            .map_err(|_| Error::InvalidXOnlyPublicKey)
     }
 }
 

bitcoin/src/sign_message.rs

@@ -104,7 +104,7 @@ mod message_signing {
         pub fn serialize(&self) -> [u8; 65] {
             let (recid, raw) = self.signature.serialize_compact();
             let mut serialized = [0u8; 65];
-            serialized[0] = recid.to_i32() as u8 + if self.compressed { 31 } else { 27 };
+            serialized[0] = i32::from(recid) as u8 + if self.compressed { 31 } else { 27 };
             serialized[1..].copy_from_slice(&raw[..]);
             serialized
         }
@@ -115,7 +115,7 @@ mod message_signing {
             if bytes[0] < 27 {
                 return Err(secp256k1::Error::InvalidRecoveryId);
             };
-            let recid = RecoveryId::from_i32(((bytes[0] - 27) & 0x03) as i32)?;
+            let recid = RecoveryId::try_from(((bytes[0] - 27) & 0x03) as i32)?;
             Ok(MessageSignature {
                 signature: RecoverableSignature::from_compact(&bytes[1..], recid)?,
                 compressed: ((bytes[0] - 27) & 0x04) != 0,

bitcoin/src/taproot/mod.rs

@@ -1121,8 +1121,12 @@ impl ControlBlock {
         };
 
         let leaf_version = LeafVersion::from_consensus(sl[0] & TAPROOT_LEAF_MASK)?;
-        let internal_key = UntweakedPublicKey::from_slice(&sl[1..TAPROOT_CONTROL_BASE_SIZE])
-            .map_err(TaprootError::InvalidInternalKey)?;
+        let internal_key = UntweakedPublicKey::from_byte_array(
+            sl[1..TAPROOT_CONTROL_BASE_SIZE].try_into().map_err(|_| {
+                TaprootError::InvalidInternalKey(secp256k1::Error::InvalidPublicKey)
+            })?,
+        )
+        .map_err(TaprootError::InvalidInternalKey)?;
         let merkle_branch = TaprootMerkleBranch::decode(&sl[TAPROOT_CONTROL_BASE_SIZE..])?;
         Ok(ControlBlock { leaf_version, output_key_parity, internal_key, merkle_branch })
     }